<?php session_start();

include ("conn.php");

// echo '<pre>'; print_r($_POST);

$username = addslashes(trim($_POST['username']));
$password = addslashes(trim($_POST['password']));
//$setcookie = $_POST['setcookie'];

if($username != "" && $password != "") 
{

$sql1 = "SELECT * FROM user_profiles WHERE login='".$username."' AND password='".$password."' AND user_status = '1'";
	 		$res1 = mysql_query($sql1, $conn) or die(mysql_error());
	  		

	
if(mysql_num_rows($res1) > 0)
		{
		
		$row = mysql_fetch_array($res1);
		
		// echo $row['userid']; exit;
		
		$_SESSION['id'] = $row['id'];
		$_SESSION['login'] = $row['login'];
		$_SESSION['first_name'] = $row['first_name'];	
		$_SESSION['last_name'] = $row['last_name'];
		$_SESSION['middle_name'] = $row['middle_name'];	
		$_SESSION['logged'] = "1";
		$_SESSION['login_dt'] = date("Y-m-d h:i:s");
		$_SESSION['error'] = "";
		
		
		if($setcookie==1) 
			{
			setcookie("cookie[username]", $username, $time + 3600); // Sets the cookie username
			setcookie("cookie[password]", $password, $time + 3600); // Sets the cookie password
			}
		else if($setcookie=='') 
			{
			setcookie("cookie[username]",'', $time + 3600); // Sets the cookie username
			setcookie("cookie[password]", '', $time + 3600);
			}
		
		}
		else
		{
		// echo NO;
		
		$_SESSION['error'] = "Invalid login information provided.";
		}
	
}
else
{
	if($username=='')
		$_SESSION['error'] = "User Name is empty.";		
	
	if($password=='')
		$_SESSION['error'] .= "Password is empty.";		
}	
		
 echo "<script language='javascript'>
   		window.location ='".$_SERVER['HTTP_REFERER']."';
   		 </script>";  
		
		
		/*
		$results = @mysql_query($sqlquery) or die("Query '$sqlquery' failed");

		if(mysql_num_rows($results) == 1) {
		
		echo "asdasdasdsad testing";
		
		$row = mysql_fetch_array($results);
		
			
			$_SESSION['login_id'] = $row['login'];
			$_SESSION['userid'] = $row['l_email'];
			$_SESSION['error'] = "";
			$_SESSION['logged'] = "yes";
			$_SESSION['fname'] = $row['l_fname'];
			$_SESSION['lname'] = $row['l_lname'];
			
			$_SESSION['isLeftLogin'] = "yes";
			
			$check = $_POST['setcookie'];
			$time = time(); 
			
			if($check == 'setcookie') 
			{
				
			setcookie("cookie[username]", $p['username'], $time + 3600); // Sets the cookie username
			setcookie("cookie[password]", $p['password'], $time + 3600); // Sets the cookie password
			}

			
			if($check == '') 
			{
			
			setcookie("cookie[username]",'', $time + 3600); // Sets the cookie username
			setcookie("cookie[password]", '', $time + 3600);
			
			
				
			}
			
			
			header("Location: addOrder.php");
		
		}
		else 
		{
			$loginerror="1";
			$_SESSION['error'] = "Invalid username/password"; //Used when entering wrong username or password
			header("Location: index.php?loginerror=$loginerror");
		}
	}
	else 
	{
	    $error="Please enter name and password"; //Used when  username or password is not entered
		$_SESSION['error'] = "Empty";
		header("Location: index.php?error=error");
	} 	*/
	
	// echo $_SESSION['error'];
?>